Unwrapping the Chrysalis

Abstract

We describe our experiences reverse engineering the Chrysalis-ITS Luna
CA³ – a PKCS#11-compliant cryptographic token. Emissions analysis and
security API attacks are viewed by many as simpler and more efficient
than a direct attack on an HSM. But how difficult is it to actually “go
in the front door”? We describe how we unpicked the CA³ internal
architecture and abused its low-level API to impersonate a CA³ token in
its cloning protocol – and extract PKCS#11 private keys in the clear. We
quantify the effort involved in developing and applying the skills
necessary for such a reverse-engineering attack. In the process, we
discover that the Luna CA³ has far more undocumented code and
functionality than is revealed to the end-user.